Cryptography & Information Security

Master the fundamentals of cryptographic algorithms and security principles through interactive learning

🔐

SHA-1 Hash Functions

Learn cryptographic hash functions with detailed SHA-1 algorithm breakdown

🔄

Block Cipher Modes

Explore symmetric encryption modes: ECB, CBC, CFB, OFB, and CTR

🔑

RSA Algorithm

Master asymmetric cryptography with RSA key generation and operations

🎲

Random Number Generation

Understand LCG and BBS algorithms for secure random number generation

🛡️

Operating System Security

Study protection mechanisms and security models in operating systems

📝

Practice Exams

Test your knowledge with comprehensive exam-style questions

Cryptographic Hash Functions: SHA-1

Learn the Secure Hash Algorithm 1 with detailed step-by-step breakdown

Hash Function Properties

Hash functions are mathematical algorithms that convert input data of any size into fixed-size output values. SHA-1 is a cryptographic hash function that produces a 160-bit hash value.

One-way Function

It's computationally infeasible to reverse the hash to obtain the original input

Fixed Output Size

SHA-1 always produces a 160-bit (20-byte) hash regardless of input size

Avalanche Effect

Small changes in input produce drastically different hash values

Collision Resistance

It's extremely difficult to find two different inputs with the same hash

Mathematical Foundation

SHA-1 uses four logical functions applied to different word ranges:

F₁ (W₀-W₁₉): (B ∧ C) ∨ (¬B ∧ D)
F₂ (W₂₀-W₃₉): B ⊕ C ⊕ D
F₃ (W₄₀-W₅₉): (B ∧ C) ∨ (B ∧ D) ∨ (C ∧ D)
F₄ (W₆₀-W₇₉): B ⊕ C ⊕ D

SHA-1 Algorithm Steps

1

ASCII Conversion

Convert each character in the input message to its ASCII decimal value. For example, 'A' = 65, 'B' = 66, etc.

2

Binary Conversion

Convert each ASCII value to its 8-bit binary representation. For instance, 65 becomes 01000001.

3

Concatenation

Join all binary values together to form one continuous binary string representing the complete message.

4

Padding

Add a single '1' bit followed by enough '0' bits to make the total length ≡ 448 (mod 512). This ensures space for the length field.

5

Length Field

Append the original message length as a 64-bit binary number, making the total exactly 512 bits.

6

Word Splitting

Divide the 512-bit chunk into 16 words of 32 bits each (W₀ through W₁₅).

7

Word Extension

Extend from 16 to 80 words using: W₍ᵢ₎ = (W₍ᵢ₋₃₎ ⊕ W₍ᵢ₋₈₎ ⊕ W₍ᵢ₋₁₄₎ ⊕ W₍ᵢ₋₁₆₎) ≪ 1

8

Processing Rounds

Apply 80 rounds of processing using the four logical functions and specific constants for each group of 20 rounds.

9

Final Hash

Combine the results to produce the final 160-bit hash value, typically represented as a 40-character hexadecimal string.

Detailed Example: Hashing "hi"

Step 1: ASCII Conversion

h = 104 i = 105

Step 2: Binary Conversion

104 = 01101000 105 = 01101001

Step 3: Concatenation

0110100001101001 (16 bits total)

Step 4: Add Padding Bit

01101000011010011 (17 bits after adding '1')

Step 5: Pad to 448 bits

448 - 17 = 431 zeros needed Total: 448 bits

Step 6: Add Length Field

Original length: 16 bits 64-bit representation: 0000000000000000000000000000000000000000000000000000000000010000 Final total: 512 bits

Interactive SHA-1 Calculator

Practice Questions

Question 1: Multiple Choice

What is the output size of SHA-1 hash function?

Question 2: Calculation

If a message has 25 bits, how many zeros must be added for SHA-1 padding?

Question 3: Short Answer

List the four logical functions used in SHA-1 and their corresponding word ranges.

Symmetric Cryptography: Block Cipher Modes

Master different modes of operation for block ciphers

ECB (Electronic Code Book)

Cᵢ = E(K, Pᵢ)

Description: Each block is encrypted independently with the same key

Advantages:

  • Simple implementation
  • Parallel processing possible
  • No error propagation

Disadvantages:

  • Pattern visibility in ciphertext
  • Identical plaintext blocks produce identical ciphertext
  • Vulnerable to substitution attacks
Security: Low

CBC (Cipher Block Chaining)

Cᵢ = E(K, Pᵢ ⊕ Cᵢ₋₁)

Description: Each block is XORed with previous ciphertext before encryption

Advantages:

  • Hides patterns in plaintext
  • Same plaintext produces different ciphertext
  • Good diffusion properties

Disadvantages:

  • Sequential processing only
  • Error propagation
  • Requires initialization vector (IV)
Security: High

CFB (Cipher Feedback)

Cᵢ = Pᵢ ⊕ E(K, Cᵢ₋₁)

Description: Turns block cipher into stream cipher by encrypting IV/previous ciphertext

Process:

  1. Encrypt IV with key
  2. XOR result with plaintext
  3. Use ciphertext as next IV
Security: High

OFB (Output Feedback)

Cᵢ = Pᵢ ⊕ Oᵢ

Description: Generates keystream by repeatedly encrypting IV/previous output

Process:

  1. Encrypt IV with key
  2. XOR result with plaintext
  3. Use encryption output as next IV
Security: High

CTR (Counter)

Cᵢ = Pᵢ ⊕ E(K, Counter + i)

Description: Encrypts counter values to create keystream

Advantages:

  • Parallel processing possible
  • Random access to any block
  • No error propagation
  • Preprocessing possible
Security: High

Mode Comparison Table

Mode Security Performance Error Propagation Parallel Processing Random Access
ECB Low High None Yes Yes
CBC High Medium Yes No No
CFB High Medium Yes No No
OFB High Medium None No No
CTR High High None Yes Yes

Block Cipher Mode Simulator

You can enter plain text or hexadecimal values
Key will be padded/truncated to 8 bytes for this demo

Practice Questions

Question 1: Comparison

Compare ECB and CBC modes in terms of security, performance, and error propagation.

Asymmetric Cryptography: RSA Algorithm

Master the RSA public-key cryptosystem

RSA Key Generation Process

1

Choose Prime Numbers

Select two large prime numbers p and q. For security, these should be roughly the same size.

Example: p = 3, q = 11
2

Calculate n

Compute n = p × q. This will be used as the modulus for both keys.

Example: n = 3 × 11 = 33
3

Calculate Euler's Totient

Compute φ(n) = (p-1)(q-1). This represents the count of integers less than n that are coprime to n.

Example: φ(33) = (3-1)(11-1) = 2 × 10 = 20
4

Choose Public Exponent e

Select e where 1 < e < φ(n) and gcd(e,φ(n)) = 1. Common choices are 3, 17, or 65537.

Example: e = 7 (since gcd(7,20) = 1)
5

Calculate Private Exponent d

Find d such that (d × e) ≡ 1 (mod φ(n)). Use the Extended Euclidean Algorithm.

Example: d = 3 (since 3 × 7 = 21 ≡ 1 (mod 20))

Final Keys:

Public Key: (n, e) = (33, 7)
Private Key: (n, d) = (33, 3)

RSA Encryption & Decryption

Encryption

C = M^e mod n

To encrypt a message M using the recipient's public key (n, e):

  1. Convert message to numerical representation
  2. Apply the encryption formula
  3. Send the ciphertext C

Decryption

M = C^d mod n

To decrypt ciphertext C using your private key (n, d):

  1. Apply the decryption formula
  2. Convert result back to message format
  3. Retrieve original message M

Mathematical Properties

Commutativity: Encryption and decryption operations are inverse of each other
Security: Based on the difficulty of factoring large composite numbers
Key Relationship: e × d ≡ 1 (mod φ(n))

Complete RSA Example

Scenario: Encrypting message "AC"

Step 1: Message to Number Conversion

A = 1, B = 2, ..., Z = 26

AC → A=1, C=3 → 13 (combining as 1*10 + 3)

Step 2: Using Our Generated Keys

Public Key: (n=33, e=7)

Private Key: (n=33, d=3)

Message M = 13

Step 3: Encryption

C = M^e mod n

C = 13^7 mod 33

C = 62,748,517 mod 33

C = 7

Step 4: Decryption

M = C^d mod n

M = 7^3 mod 33

M = 343 mod 33

M = 13 ✓

Result Verification:

Original message: 13 (AC)

Encrypted: 7

Decrypted: 13 (AC) ✓

Interactive RSA Calculator

Key Generation

Encryption/Decryption

Practice Questions

Question 1: Key Generation

Given p=5 and q=7, calculate n, φ(n), and find suitable values for e and d.

Question 2: Encryption

Using the public key (35, 5), encrypt the message M=6.

Random Number Generation

Learn LCG and BBS algorithms for secure random number generation

Linear Congruential Generator (LCG)

Ri+1 = (aRi + c) mod m

Parameters

m: modulus (m > 0)
a: multiplier (0 < a < m)
c: increment (0 ≤ c < m)
R₀: seed (0 ≤ R₀ < m)

Example: m=8, a=5, c=1, R₀=5

R₁ = (5×5+1) mod 8 = 26 mod 8 = 2 U₁ = 2/8 = 0.25
R₂ = (5×2+1) mod 8 = 11 mod 8 = 3 U₂ = 3/8 = 0.375
R₃ = (5×3+1) mod 8 = 16 mod 8 = 0 U₃ = 0/8 = 0.0

Parameter Selection Guidelines

  • m should be large for longer period
  • a-1 should be divisible by all prime factors of m
  • If m is divisible by 4, then a-1 should be divisible by 4
  • c and m should be relatively prime

Blum Blum Shub (BBS) Generator

Xi+1 = Xi² mod n

Requirements

For cryptographic security, primes p and q must satisfy:

p ≡ q ≡ 3 (mod 4)

Generation Process

1

Choose Primes

Select two large primes p and q where p ≡ q ≡ 3 (mod 4)

2

Calculate n

Compute n = p × q

3

Choose Seed

Select seed s that is relatively prime to n

4

Generate Sequence

X₀ = s² mod n, then X_{i+1} = X_i² mod n

Security Properties

  • Cryptographically Secure: Proven secure under quadratic residuosity assumption
  • Unpredictability: Given X_i, predicting X_{i+1} is as hard as factoring n
  • Period: Maximum period is λ(λ(n)) where λ is Carmichael function

Random Number Generator Simulator

LCG Parameters

Practice Questions

Question 1: LCG Calculation

Given LCG parameters: m=16, a=5, c=3, R₀=7. Calculate the first 3 values in the sequence.

Operating System Security

Study protection mechanisms and security models in operating systems

Types of Protection

Physical Protection

Different processes use different physical hardware components

  • Memory protection units
  • Separate processing cores
  • Hardware isolation

Temporal Protection

Processes with different security levels run at different times

  • Time-division multiplexing
  • Context switching
  • Scheduled execution

Logical Protection

Software-based isolation between processes

  • Virtual memory
  • Access control lists
  • Process isolation

Cryptographic Protection

Encryption-based protection of data and communications

  • Data encryption
  • Secure channels
  • Digital signatures

Protected Objects

🧠 Memory
💾 I/O Devices
📋 Programs & Procedures
📄 Data
⚙️ Hardware

Security Concepts

Security Kernel

Definition: The core component responsible for enforcing security mechanisms of the entire operating system

Responsibilities:

  • Access control enforcement
  • Security policy implementation
  • Audit trail generation
  • Security state maintenance

Reference Monitor

Definition: Controls access to objects in the system by mediating all access requests

Properties:

  • Always invoked (complete mediation)
  • Tamper-proof
  • Small and simple (verifiable)
  • Never bypassed

Trusted Computing Base (TCB)

Definition: All components (hardware, software, firmware) necessary to enforce security policy

Components:

  • Security kernel
  • Hardware protection mechanisms
  • Security-relevant system software
  • Administrative procedures

Operating System Security Comparison

Aspect Linux Windows
Source Code Open Source Proprietary
Cost Free Licensed
Kernel Type Unified/Monolithic Kernel Hybrid Kernel
Security Level More Secure Less Secure
User Types 3 types (Root, System, Normal) 4 types (System, Administrator, User, Guest)
File System ext2, ext3, ext4, XFS NTFS, FAT32, exFAT
Updates Community-driven, frequent Microsoft-controlled, scheduled

Security Features Comparison

Linux Security Advantages:

  • Strong permission model (chmod, chown)
  • SELinux for mandatory access control
  • Open source code allows security auditing
  • Less targeted by malware
  • Built-in firewall (iptables)

Windows Security Features:

  • User Account Control (UAC)
  • Windows Defender
  • BitLocker encryption
  • Windows Security Center
  • Group Policy for enterprise management

Practice Questions

Question 1: Protection Types

Explain the difference between physical and logical protection mechanisms.

Practice Exams

Test your knowledge with comprehensive exam-style questions